1 files changed, 124 insertions, 20 deletions
diff --git a/src/identity-token/identity-token.c b/src/identity-token/identity-token.c
index 9f22f1671..dc0154c21 100644
--- a/src/identity-token/identity-token.c
+++ b/src/identity-token/identity-token.c
@@ -57,21 +57,23 @@ create_sym_key_from_ecdh(const struct GNUNET_HashCode *new_key_hash,
  return GNUNET_OK;
 }
 /**
 * Decrypts metainfo part from a token code
 */
 static int
 decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
                   const struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_key,
-                   const char *enc_str,
+                   const char *cyphertext,
-                   size_t enc_str_len,
+                   size_t cyphertext_len,
                   char **result_str)
 {
  struct GNUNET_HashCode new_key_hash;
  struct GNUNET_CRYPTO_SymmetricSessionKey enc_key;
  struct GNUNET_CRYPTO_SymmetricInitializationVector enc_iv;
-  char *str_buf = GNUNET_malloc (enc_str_len);
+  char *str_buf = GNUNET_malloc (cyphertext_len);
  size_t str_size;
  //Calculate symmetric key from ecdh parameters
@@ -83,15 +85,16 @@ decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
                            &enc_key,
                            &enc_iv);
-  str_size = GNUNET_CRYPTO_symmetric_decrypt (enc_str,
+  str_size = GNUNET_CRYPTO_symmetric_decrypt (cyphertext,
-                                              enc_str_len,
+                                              cyphertext_len,
                                              &enc_key,
                                              &enc_iv,
                                              str_buf);
-  GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Decrypted bytes: %d Expected bytes: %d\n", str_size, enc_str_len);
+  GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Decrypted bytes: %d Expected bytes: %d\n", str_size, cyphertext_len);
  if (-1 == str_size)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH invalid\n");
+    GNUNET_free (str_buf);
    return GNUNET_SYSERR;
  }
  *result_str = GNUNET_malloc (str_size+1);
@@ -103,37 +106,71 @@ decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
 }
 /**
+ * Decrypt string using pubkey and ECDHE
+*/
+static int
+decrypt_str_ecdhe2 (const struct GNUNET_CRYPTO_EcdhePrivateKey *ecdh_privkey,
+                    const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
+                    const char *ciphertext,
+                    size_t ciphertext_len,
+                    char **plaintext)
+{
+  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
+  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
+  struct GNUNET_HashCode new_key_hash;
+  //This is true see documentation for GNUNET_CRYPTO_symmetric_encrypt
+  *plaintext = GNUNET_malloc (ciphertext_len);
+  // Derived key K = H(eB)
+  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_ecdsa (ecdh_privkey,
+                                                        aud_key,
+                                                        &new_key_hash));
+  create_sym_key_from_ecdh(&new_key_hash, &skey, &iv);
+  GNUNET_CRYPTO_symmetric_decrypt (ciphertext,
+                                   ciphertext_len,
+                                   &skey, &iv,
+                                   *plaintext);
+  return GNUNET_OK;
+}
+/**
 * Encrypt string using pubkey and ECDHE
 * Returns ECDHE pubkey to be used for decryption
 */
 static int
-encrypt_str_ecdhe (const char *data,
+encrypt_str_ecdhe (const char *plaintext,
                   const struct GNUNET_CRYPTO_EcdsaPublicKey *pub_key,
-                   char **enc_data_str,
+                   char **cyphertext,
+                   struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey,
                   struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_pubkey)
 {
-  struct GNUNET_CRYPTO_EcdhePrivateKey *ecdh_privkey;
  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
  struct GNUNET_HashCode new_key_hash;
-  
+  ssize_t enc_size;
  // ECDH keypair E = eG
-  ecdh_privkey = GNUNET_CRYPTO_ecdhe_key_create();
+  *ecdh_privkey = GNUNET_CRYPTO_ecdhe_key_create();
-  GNUNET_CRYPTO_ecdhe_key_get_public (ecdh_privkey,
+  GNUNET_CRYPTO_ecdhe_key_get_public (*ecdh_privkey,
                                      ecdh_pubkey);
-  *enc_data_str = GNUNET_malloc (strlen (data));
+  //This is true see documentation for GNUNET_CRYPTO_symmetric_encrypt
+  *cyphertext = GNUNET_malloc (strlen (plaintext));
  // Derived key K = H(eB)
-  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_ecdsa (ecdh_privkey,
+  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_ecdsa (*ecdh_privkey,
                                                        pub_key,
                                                        &new_key_hash));
  create_sym_key_from_ecdh(&new_key_hash, &skey, &iv);
-  GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypting string %s\n", data);
+  GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypting string %s\n (len=%d)",
-  GNUNET_CRYPTO_symmetric_encrypt (data, strlen (data),
+              plaintext,
-                                   &skey, &iv,
+              strlen (plaintext));
-                                   *enc_data_str);
+  enc_size = GNUNET_CRYPTO_symmetric_encrypt (plaintext, strlen (plaintext),
-  GNUNET_free (ecdh_privkey);
+                                              &skey, &iv,
+                                              *cyphertext);
+  GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypted (len=%d)", enc_size);
  return GNUNET_OK;
 }
@@ -209,6 +246,65 @@ identity_token_add_json (const struct IdentityToken *token,
 int
+identity_token_parse2 (const char* raw_data,
+                       const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key,
+                       const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
+                       struct IdentityToken **result)
+{
+  char *enc_token_str;
+  char *tmp_buf;
+  char *token_str;
+  char *enc_token;
+  char *header;
+  char *header_base64;
+  char *payload;
+  char *payload_base64;
+  size_t enc_token_len;
+  json_error_t err_json;
+  GNUNET_asprintf (&tmp_buf, "%s", raw_data);
+  strtok (tmp_buf, ",");
+  enc_token_str = strtok (NULL, ",");
+  enc_token_len = GNUNET_STRINGS_base64_decode (enc_token_str,
+                                                strlen (enc_token_str),
+                                                &enc_token);
+  if (GNUNET_OK != decrypt_str_ecdhe2 (priv_key,
+                                       aud_key,
+                                       enc_token,
+                                       enc_token_len,
+                                       &token_str))
+  {
+    GNUNET_free (tmp_buf);
+    GNUNET_free (enc_token);
+    return GNUNET_SYSERR;
+  }
+  header_base64 = strtok (token_str, ".");
+  payload_base64 = strtok (NULL, ".");
+  GNUNET_STRINGS_base64_decode (header_base64,
+                                strlen (header_base64),
+                                &header);
+  GNUNET_STRINGS_base64_decode (payload_base64,
+                                strlen (payload_base64),
+                                &payload);
+  //TODO signature
+  *result = GNUNET_malloc (sizeof (struct IdentityToken));
+  (*result)->aud_key =  *aud_key;
+  (*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json);
+  (*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json);
+  GNUNET_free (enc_token);
+  GNUNET_free (token_str);
+  GNUNET_free (tmp_buf);
+  GNUNET_free (payload);
+  GNUNET_free (header);
+  return GNUNET_OK;
+}
+int
 identity_token_parse (const char* raw_data,
                      const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
                      struct IdentityToken **result)
@@ -342,6 +438,7 @@ identity_token_to_string (const struct IdentityToken *token,
 int
 identity_token_serialize (const struct IdentityToken *token,
                          const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
+                          struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey,
                          char **result)
 {
  char *token_str;
@@ -357,6 +454,7 @@ identity_token_serialize (const struct IdentityToken *token,
  GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (token_str,
                                                 &token->aud_key,
                                                 &enc_token,
+                                                 ecdh_privkey,
                                                 &ecdh_pubkey));
  GNUNET_STRINGS_base64_encode (enc_token,
                                strlen (token_str),
@@ -456,6 +554,7 @@ identity_token_code_serialize (struct IdentityTokenCode *identity_token_code,
  char *token_code_str;
  char *dh_key_str;
  char *write_ptr;
+  struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
  struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
@@ -465,8 +564,11 @@ identity_token_code_serialize (struct IdentityTokenCode *identity_token_code,
  GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (code_payload_str,
                                                 &identity_token_code->aud_key,
                                                 &enc_token_code_payload,
+                                                 &ecdhe_privkey,
                                                 &identity_token_code->ecdh_pubkey));
+  GNUNET_free (ecdhe_privkey);
  purpose = 
    GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + 
                   sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + //E
@@ -509,6 +611,7 @@ identity_token_code_serialize (struct IdentityTokenCode *identity_token_code,
 int
 identity_token_code_payload_parse(const char *raw_data,
+                                  ssize_t data_len,
                                  const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
                                  const struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe_pkey,
                                  struct IdentityTokenCodePayload **result)
@@ -528,7 +631,7 @@ identity_token_code_payload_parse(const char *raw_data,
  if (GNUNET_OK != decrypt_str_ecdhe (priv_key,
                                      ecdhe_pkey,
                                      raw_data,
-                                      strlen (raw_data),
+                                      data_len,
                                      &meta_str))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Metadata decryption failed\n");
@@ -668,6 +771,7 @@ identity_token_code_parse (const char *raw_data,
  identity_token_code_payload_parse (enc_meta,
+                                     enc_meta_len,
                                     priv_key,
                                     (const struct GNUNET_CRYPTO_EcdhePublicKey*)&token_code->ecdh_pubkey,
                                     &token_code_payload);

diff --git a/src/identity-token/identity-token.c b/src/identity-token/identity-token.c index 9f22f1671..dc0154c21 100644 --- a/src/identity-token/identity-token.c +++ b/src/identity-token/identity-token.c
@@ -57,21 +57,23 @@ create_sym_key_from_ecdh(const struct GNUNET_HashCode *new_key_hash,
57	return GNUNET_OK;	57	return GNUNET_OK;
58	}	58	}
59		59
		60
		61
60	/**	62	/**
61	* Decrypts metainfo part from a token code	63	* Decrypts metainfo part from a token code
62	*/	64	*/
63	static int	65	static int
64	decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,	66	decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
65	const struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_key,	67	const struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_key,
66	const char *enc_str,	68	const char *cyphertext,
67	size_t enc_str_len,	69	size_t cyphertext_len,
68	char **result_str)	70	char **result_str)
69	{	71	{
70	struct GNUNET_HashCode new_key_hash;	72	struct GNUNET_HashCode new_key_hash;
71	struct GNUNET_CRYPTO_SymmetricSessionKey enc_key;	73	struct GNUNET_CRYPTO_SymmetricSessionKey enc_key;
72	struct GNUNET_CRYPTO_SymmetricInitializationVector enc_iv;	74	struct GNUNET_CRYPTO_SymmetricInitializationVector enc_iv;
73		75
74	char *str_buf = GNUNET_malloc (enc_str_len);	76	char *str_buf = GNUNET_malloc (cyphertext_len);
75	size_t str_size;	77	size_t str_size;
76		78
77	//Calculate symmetric key from ecdh parameters	79	//Calculate symmetric key from ecdh parameters
@@ -83,15 +85,16 @@ decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
83	&enc_key,	85	&enc_key,
84	&enc_iv);	86	&enc_iv);
85		87
86	str_size = GNUNET_CRYPTO_symmetric_decrypt (enc_str,	88	str_size = GNUNET_CRYPTO_symmetric_decrypt (cyphertext,
87	enc_str_len,	89	cyphertext_len,
88	&enc_key,	90	&enc_key,
89	&enc_iv,	91	&enc_iv,
90	str_buf);	92	str_buf);
91	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Decrypted bytes: %d Expected bytes: %d\n", str_size, enc_str_len);	93	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Decrypted bytes: %d Expected bytes: %d\n", str_size, cyphertext_len);
92	if (-1 == str_size)	94	if (-1 == str_size)
93	{	95	{
94	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH invalid\n");	96	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ECDH invalid\n");
		97	GNUNET_free (str_buf);
95	return GNUNET_SYSERR;	98	return GNUNET_SYSERR;
96	}	99	}
97	*result_str = GNUNET_malloc (str_size+1);	100	*result_str = GNUNET_malloc (str_size+1);
@@ -103,37 +106,71 @@ decrypt_str_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
103	}	106	}
104		107
105	/**	108	/**
		109	* Decrypt string using pubkey and ECDHE
		110	*/
		111	static int
		112	decrypt_str_ecdhe2 (const struct GNUNET_CRYPTO_EcdhePrivateKey *ecdh_privkey,
		113	const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
		114	const char *ciphertext,
		115	size_t ciphertext_len,
		116	char **plaintext)
		117	{
		118	struct GNUNET_CRYPTO_SymmetricSessionKey skey;
		119	struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
		120	struct GNUNET_HashCode new_key_hash;
		121
		122	//This is true see documentation for GNUNET_CRYPTO_symmetric_encrypt
		123	*plaintext = GNUNET_malloc (ciphertext_len);
		124
		125	// Derived key K = H(eB)
		126	GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_ecdsa (ecdh_privkey,
		127	aud_key,
		128	&new_key_hash));
		129	create_sym_key_from_ecdh(&new_key_hash, &skey, &iv);
		130	GNUNET_CRYPTO_symmetric_decrypt (ciphertext,
		131	ciphertext_len,
		132	&skey, &iv,
		133	*plaintext);
		134	return GNUNET_OK;
		135	}
		136
		137
		138	/**
106	* Encrypt string using pubkey and ECDHE	139	* Encrypt string using pubkey and ECDHE
107	* Returns ECDHE pubkey to be used for decryption	140	* Returns ECDHE pubkey to be used for decryption
108	*/	141	*/
109	static int	142	static int
110	encrypt_str_ecdhe (const char *data,	143	encrypt_str_ecdhe (const char *plaintext,
111	const struct GNUNET_CRYPTO_EcdsaPublicKey *pub_key,	144	const struct GNUNET_CRYPTO_EcdsaPublicKey *pub_key,
112	char **enc_data_str,	145	char **cyphertext,
		146	struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey,
113	struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_pubkey)	147	struct GNUNET_CRYPTO_EcdhePublicKey *ecdh_pubkey)
114	{	148	{
115	struct GNUNET_CRYPTO_EcdhePrivateKey *ecdh_privkey;
116	struct GNUNET_CRYPTO_SymmetricSessionKey skey;	149	struct GNUNET_CRYPTO_SymmetricSessionKey skey;
117	struct GNUNET_CRYPTO_SymmetricInitializationVector iv;	150	struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
118	struct GNUNET_HashCode new_key_hash;	151	struct GNUNET_HashCode new_key_hash;
119		152	ssize_t enc_size;
		153
120	// ECDH keypair E = eG	154	// ECDH keypair E = eG
121	ecdh_privkey = GNUNET_CRYPTO_ecdhe_key_create();	155	*ecdh_privkey = GNUNET_CRYPTO_ecdhe_key_create();
122	GNUNET_CRYPTO_ecdhe_key_get_public (ecdh_privkey,	156	GNUNET_CRYPTO_ecdhe_key_get_public (*ecdh_privkey,
123	ecdh_pubkey);	157	ecdh_pubkey);
124		158
125	*enc_data_str = GNUNET_malloc (strlen (data));	159	//This is true see documentation for GNUNET_CRYPTO_symmetric_encrypt
		160	*cyphertext = GNUNET_malloc (strlen (plaintext));
126		161
127	// Derived key K = H(eB)	162	// Derived key K = H(eB)
128	GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_ecdsa (ecdh_privkey,	163	GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_ecdsa (*ecdh_privkey,
129	pub_key,	164	pub_key,
130	&new_key_hash));	165	&new_key_hash));
131	create_sym_key_from_ecdh(&new_key_hash, &skey, &iv);	166	create_sym_key_from_ecdh(&new_key_hash, &skey, &iv);
132	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypting string %s\n", data);	167	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypting string %s\n (len=%d)",
133	GNUNET_CRYPTO_symmetric_encrypt (data, strlen (data),	168	plaintext,
134	&skey, &iv,	169	strlen (plaintext));
135	*enc_data_str);	170	enc_size = GNUNET_CRYPTO_symmetric_encrypt (plaintext, strlen (plaintext),
136	GNUNET_free (ecdh_privkey);	171	&skey, &iv,
		172	*cyphertext);
		173	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Encrypted (len=%d)", enc_size);
137	return GNUNET_OK;	174	return GNUNET_OK;
138	}	175	}
139		176
@@ -209,6 +246,65 @@ identity_token_add_json (const struct IdentityToken *token,
209		246
210		247
211	int	248	int
		249	identity_token_parse2 (const char* raw_data,
		250	const struct GNUNET_CRYPTO_EcdhePrivateKey *priv_key,
		251	const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
		252	struct IdentityToken **result)
		253	{
		254	char *enc_token_str;
		255	char *tmp_buf;
		256	char *token_str;
		257	char *enc_token;
		258	char *header;
		259	char *header_base64;
		260	char *payload;
		261	char *payload_base64;
		262	size_t enc_token_len;
		263	json_error_t err_json;
		264
		265	GNUNET_asprintf (&tmp_buf, "%s", raw_data);
		266	strtok (tmp_buf, ",");
		267	enc_token_str = strtok (NULL, ",");
		268
		269	enc_token_len = GNUNET_STRINGS_base64_decode (enc_token_str,
		270	strlen (enc_token_str),
		271	&enc_token);
		272	if (GNUNET_OK != decrypt_str_ecdhe2 (priv_key,
		273	aud_key,
		274	enc_token,
		275	enc_token_len,
		276	&token_str))
		277	{
		278	GNUNET_free (tmp_buf);
		279	GNUNET_free (enc_token);
		280	return GNUNET_SYSERR;
		281	}
		282
		283	header_base64 = strtok (token_str, ".");
		284	payload_base64 = strtok (NULL, ".");
		285
		286	GNUNET_STRINGS_base64_decode (header_base64,
		287	strlen (header_base64),
		288	&header);
		289	GNUNET_STRINGS_base64_decode (payload_base64,
		290	strlen (payload_base64),
		291	&payload);
		292	//TODO signature
		293
		294
		295	*result = GNUNET_malloc (sizeof (struct IdentityToken));
		296	(result)->aud_key = aud_key;
		297	(*result)->header = json_loads (header, JSON_DECODE_ANY, &err_json);
		298	(*result)->payload = json_loads (payload, JSON_DECODE_ANY, &err_json);
		299	GNUNET_free (enc_token);
		300	GNUNET_free (token_str);
		301	GNUNET_free (tmp_buf);
		302	GNUNET_free (payload);
		303	GNUNET_free (header);
		304	return GNUNET_OK;
		305	}
		306
		307	int
212	identity_token_parse (const char* raw_data,	308	identity_token_parse (const char* raw_data,
213	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,	309	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
214	struct IdentityToken **result)	310	struct IdentityToken **result)
@@ -342,6 +438,7 @@ identity_token_to_string (const struct IdentityToken *token,
342	int	438	int
343	identity_token_serialize (const struct IdentityToken *token,	439	identity_token_serialize (const struct IdentityToken *token,
344	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,	440	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
		441	struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey,
345	char **result)	442	char **result)
346	{	443	{
347	char *token_str;	444	char *token_str;
@@ -357,6 +454,7 @@ identity_token_serialize (const struct IdentityToken *token,
357	GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (token_str,	454	GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (token_str,
358	&token->aud_key,	455	&token->aud_key,
359	&enc_token,	456	&enc_token,
		457	ecdh_privkey,
360	&ecdh_pubkey));	458	&ecdh_pubkey));
361	GNUNET_STRINGS_base64_encode (enc_token,	459	GNUNET_STRINGS_base64_encode (enc_token,
362	strlen (token_str),	460	strlen (token_str),
@@ -456,6 +554,7 @@ identity_token_code_serialize (struct IdentityTokenCode *identity_token_code,
456	char *token_code_str;	554	char *token_code_str;
457	char *dh_key_str;	555	char *dh_key_str;
458	char *write_ptr;	556	char *write_ptr;
		557	struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey;
459		558
460	struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;	559	struct GNUNET_CRYPTO_EccSignaturePurpose *purpose;
461		560
@@ -465,8 +564,11 @@ identity_token_code_serialize (struct IdentityTokenCode *identity_token_code,
465	GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (code_payload_str,	564	GNUNET_assert (GNUNET_OK == encrypt_str_ecdhe (code_payload_str,
466	&identity_token_code->aud_key,	565	&identity_token_code->aud_key,
467	&enc_token_code_payload,	566	&enc_token_code_payload,
		567	&ecdhe_privkey,
468	&identity_token_code->ecdh_pubkey));	568	&identity_token_code->ecdh_pubkey));
469		569
		570	GNUNET_free (ecdhe_privkey);
		571
470	purpose =	572	purpose =
471	GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +	573	GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
472	sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + //E	574	sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + //E
@@ -509,6 +611,7 @@ identity_token_code_serialize (struct IdentityTokenCode *identity_token_code,
509		611
510	int	612	int
511	identity_token_code_payload_parse(const char *raw_data,	613	identity_token_code_payload_parse(const char *raw_data,
		614	ssize_t data_len,
512	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,	615	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key,
513	const struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe_pkey,	616	const struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe_pkey,
514	struct IdentityTokenCodePayload **result)	617	struct IdentityTokenCodePayload **result)
@@ -528,7 +631,7 @@ identity_token_code_payload_parse(const char *raw_data,
528	if (GNUNET_OK != decrypt_str_ecdhe (priv_key,	631	if (GNUNET_OK != decrypt_str_ecdhe (priv_key,
529	ecdhe_pkey,	632	ecdhe_pkey,
530	raw_data,	633	raw_data,
531	strlen (raw_data),	634	data_len,
532	&meta_str))	635	&meta_str))
533	{	636	{
534	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Metadata decryption failed\n");	637	GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Metadata decryption failed\n");
@@ -668,6 +771,7 @@ identity_token_code_parse (const char *raw_data,
668		771
669		772
670	identity_token_code_payload_parse (enc_meta,	773	identity_token_code_payload_parse (enc_meta,
		774	enc_meta_len,
671	priv_key,	775	priv_key,
672	(const struct GNUNET_CRYPTO_EcdhePublicKey*)&token_code->ecdh_pubkey,	776	(const struct GNUNET_CRYPTO_EcdhePublicKey*)&token_code->ecdh_pubkey,
673	&token_code_payload);	777	&token_code_payload);